SAN FRANCISCO—January 31, 2024 — Vanta, the leading trust management platform, today announced several growth, product and partner milestones showcasing the company's continued acceleration as the platform of choice pioneering the next generation of Governance, Risk, and Compliance capabilities. Surpassing a number of growth metrics including $100M in Annual Recurring Revenue (ARR) and nearly doubling customers to 7,000 companies around the world, Vanta's performance has been further powered by the announcement of new enterprise-ready features and the rollout of AI innovations, including support for the NIST AI Risk Management Framework.

 Vanta Unlocks New Milestones

Capping a record year, Vanta announced today that it surpassed $100M in ARR in FY '24, ending January 31, 2024. In addition to reaching the milestone within 5 years of entering the market, Vanta nearly doubled its global customer base this past year, adding approximately 900 customers per quarter. Today, Vanta is the trust management platform of choice for nearly 7,000 companies around the world including Atlassian, Chili Piper, Flo Health and Quora, to build, maintain and demonstrate their trust—all in a way that's real-time and transparent. 

Vanta delivered unprecedented product, customer and organizational growth in FY '24 including:

• Launching over 260 new product features, including Vanta AI, Vendor Risk Management, and Vanta Trust Center
• Expanding globally in EMEA and APAC with almost 1 in 4 customers now headquartered outside of the U.S.
• Appointing David Eckstein, Chief Financial Officer, Jeremy Epling, Chief Product Officer, and Jadee Hanson, Chief Information Security Officer

Vanta's industry-leading innovation has been recognized across a range of rankings and awards in the past year including CNBC Disruptor 50, Forbes Cloud 100, Fortune Cyber 60 and Inc. Best Workplaces. 

"Vanta was founded to redefine the status quo and turn trust into a revenue-driver for companies so that more security work is prioritized more often," said Christina Cacioppo, CEO, Vanta. "It's clear that the tipping point for trust management is now. As we look forward to 2024, we're helping our 7,000 global customers transform trust into their greatest asset by investing in our enterprise-ready experiences, international market expansion and supercharging the product with AI."

Enterprise-ready Features for Sophisticated GRC Teams

To accelerate its enterprise momentum, Vanta has built the capabilities required by GRC and Information Security teams to scale their compliance program, unify key risk management workflows and streamline third party risk management including:

• 300 pre-built integrations providing continuous, real time monitoring of security and compliance across cloud providers, HRIS, datastore providers, and many more
• Vanta API to build private integrations with internal systems or public integrations accessible by Vanta customers
• Increased customization for GRC practitioners, including the ability to create custom frameworks and customize Vanta's built-in automated tests
• Executive reporting to prioritize and act on the key risks, measure the success of your security program, and easily report the impact to stakeholders (currently in Beta)
• Enterprise-ready capabilities such as Single Sign On, Workspaces, custom Role-Based Access Controls, and more

Vanta's breadth of workflows and depth of automation have catapulted the firm to be the trusted choice for Chegg, Omni Hotels and ZoomInfo. 

"Both risk management and compliance software and services continue to be top investment areas for organizations. Still, in an increasingly hostile cybersecurity environment, security teams often find themselves under-resourced and without the in-house capabilities to fully utilize their legacy GRC technology investment," said Phil Harris, Research Director, Governance, Risk and Compliance, IDC. "New GRC platforms are emerging in the marketplace that reduce the necessary but laborious tasks involved with identifying, tracking, treating and closing risks, increasing productivity and giving team members more time to focus on business-critical projects."

Advancing the Future of Trust in an AI World

With AI and LLM usage in 2024 continuing to accelerate, Vanta is helping customers ensure they are managing the associated risks, and demonstrate their management of those risks, to their stakeholders. Previously introduced at VantaCon in December 2023, Vanta announced today that it is releasing the NIST AI Risk Management Framework (RMF) as a product that customers can use to centralize their AI risk management workflows in beta with general availability starting in February 2024.

The NIST AI RMF is a governance framework developed by NIST aimed at mitigating risks associated with the design, development, use, and evaluation of AI products, services, and systems. By adding support for the NIST AI RMF directly within the Vanta platform, Vanta will enable leading companies to continue pushing innovation boundaries while growing trust. 

Vanta is also expanding the use of AI within the platform to help customers further automate once-manual and tedious security and compliance workflows. Starting today, customers can customize the questions Vanta AI uses to analyze security documents within Vanta's Vendor Risk Management solution, reducing the time and effort to conduct thorough vendor security reviews. In addition, Vanta's Access Reviews solution now can leverage Vanta AI to automatically and reliably import user access data from images and PDFs – valuable for legacy or on-premises systems that may not have integration capabilities. Vanta AI also now suggests mapping existing tests and policies to relevant controls, making it easier to set up new compliance frameworks within Vanta.

A-LIGN Partnership

According to Vanta's State of Trust Report, 2 in 3 businesses say that their customers are increasingly looking for more proof of security. While customer expectations are on the rise, security teams are expected to do more with less with a mere 9% of operating budgets dedicated to security, leaving many teams inadequately resourced to prepare for and complete audits.

With Vanta and A-LIGN, customers can now get the best of both worlds—a scalable platform to automate up to 90% of the evidence collection needed to complete a SOC 2 or ISO 27001 audit, and a security and compliance partner that leads the market on quality and efficiency to complete the audit. As the top SOC 2 issuer in the world, A-LIGN is trusted by more than 4,000 global organizations to mitigate cybersecurity risks by offering customized solutions tailored specifically with an organization's unique goals and objectives. Enterprise brands and scale-ups trust A-LIGN and Vanta for their organization's security and compliance needs.

"I am thrilled to announce our strategic partnership with Vanta," said Scott Price, CEO, A-LIGN. "This collaboration marks a significant milestone for customers who take cybersecurity seriously. The combination of high-quality audits and assessments, with unparalleled speed and efficiency, will deliver enormous value for our mutual customers."

About Vanta

Vanta is the leading trust management platform that helps simplify and centralize security for organizations of all sizes. Nearly 7,000 companies including Atlassian, Chili Piper, Flo Health and Quora rely on Vanta to build, maintain and demonstrate their trust—all in a way that's real-time and transparent. Founded in 2018, Vanta has customers in 58 countries with offices in Dublin, New York, San Francisco and Sydney. For more information, visit www.vanta.com.

Press Contact

press@vanta.com